Web browsers have been having a real torrid time of late, it seems the only people showing them any great attention these days are those looking for new 0-day vulnerabilities. Two weeks ago we blogged about the Microsoft Video Streaming ActiveX control vulnerability (Microsoft Windows 'MPEG2TuneRequest' ActiveX Control Remote Code Execution Vulnerability – BID 35558) that can be exploited through mostly the older but still widely used versions of Internet Explorer 6 and 7. That vulnerability was quite widely used by malware in the attack involving a Trojan named Downloader.Fostrem. The Trojan In turn downloads various other bits and pieces of malware that we detected as Backdoor.Trojan and Trojan.Dropper.
The common theme amongst all these vulnerabilities is that the repertoire of the Web attacker is ever expanding, when combined with SQL injection into massive numbers of Web sites, this allows for massive and successful propagation of malware by way of drive-by downloads. In this day and age, the old advice of avoiding certain types of Web site and content on the Internet is no longer enough when even trusted sites have been known to be compromised in the past. Making sure your Web browser and other applications are fully patched, your Antivirus and Firewall software are running and up to date with the latest definitions sets and using a bit of street smarts should go a long way towards keeping you out of harm’s way. And who knows, maybe next month the browsers might just get a break from all this unwanted attention, but then again, who can tell what might happen next.